Sam,

I tripped over this bug but thought I didn't set things up properly. You've been teasing us with the next release for a while. Thanks for letting us know it's still on its way.

Gary

On 02/03/2015 08:04 PM, Sam Clippinger via spamdyke-users wrote:
You're quite correct -- this is a bug in version 5.0.0. I've got it fixed in the next version, hopefully to be released very soon.

-- Sam Clippinger




On Feb 2, 2015, at 1:38 PM, Heiko Bornholdt via spamdyke-users <spamdyke-users@spamdyke.org> wrote:

Hi,

I’m trying to replace my Spamdyke 4.3 with 5.0. I want to disable SSLv3 because of POODLE.

I’m using Ubuntu 12.04 LTS and have Spamdyke compiled from source without any special configuration.

root@andromeda:~# spamdyke --version
spamdyke 5.0.0+TLS+CONFIGTEST+DEBUG (C)2014 Sam Clippinger, samc (at) silence (dot) org
http://www.spamdyke.org/

This is my run-script:
root@andromeda:~# cat /etc/service/qmail-relay-submit/run
#!/bin/sh
QMAILUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
exec tcpserver -v -HPR -u $QMAILUID -g $NOFILESGID 0 587 spamdyke -f /etc/spamdyke-587.conf /usr/sbin/qmail-smtpd 2>&1


I have problems with submitting messages via SMTP. I have debugged the problem with swaks and tcpdump, and so I have discovered that with my configuration Spamdyke is sending incomplete SMTP answers.

From my local computer I run:
[heiko@dhcp-172-21-37-9 ~]$ swaks -t he...@bornholdt.it -f he...@andromeda.bornholdt.it --server andromeda.bornholdt.it:587 --auth --auth-user=heiko
Password: s3cr3t
=== Trying andromeda.bornholdt.it:587...
=== Connected to andromeda.bornholdt.it.
<-  220 andromeda.bornholdt.it ESMTP
-> EHLO dhcp-172-21-37-9.wlan.uni-hamburg.de.local
<** Timeout (30 secs) waiting for server response
-> HELO dhcp-172-21-37-9.wlan.uni-hamburg.de.local
<-  250 andromeda.bornholdt.it
*** Host did not advertise authentication
-> QUIT
<-  221 andromeda.bornholdt.it
=== Connection closed with remote host.

And on the server:
root@andromeda:~# tcpflow -i any -C -e port 587
tcpflow[9428]: listening on any
220 andromeda.bornholdt.it ESMTP

EHLO dhcp-172-21-37-9.wlan.uni-hamburg.de.local

250-andromeda.bornholdt.it

250-PIPELINING
250-8BITMIME
250-AUTH LOGIN PLAIN
250-STARTTLS


Nothing happens for 30 seconds and then the client aborts because of a timeout.

My configuration:
root@andromeda:~# cat /etc/spamdyke-587.conf
log-level=verbose
log-target=stderr
smtp-auth-level=always
smtp-auth-command=/usr/bin/checkvpw /usr/local/bin/heiko-smtp-auth-logger maildir
hostname-file=/var/lib/qmail/control/me
tls-level=smtp
tls-certificate-file=/etc/qmail/servercert.pem
tls-privatekey-file=/etc/qmail/servercert.pem
tls-cipher-list=kEDH:AESGCM:HIGH:+MEDIUM:TLSv1:+ALL:!RC4:!SEED:!IDEA:!RC2:!3DES:!DES:!MD5:!DSS:!aNULL:!eNULL:!ECDSA:!ECDH:!PSK:!SRP
tls-dhparams-file=/etc/ssl/private/dhparam2048.pem
qmail-morercpthosts-cdb=/var/lib/qmail/control/morercpthosts.cdb
qmail-rcpthosts-file=/dev/null


Log:
root@andromeda:~# cat /var/log/qmail/qmail-relay-submit/current | tai64nlocal
2015-02-02 18:33:29.206085500 tcpserver: status: 1/40
2015-02-02 18:33:29.206143500 tcpserver: pid 11591 from 134.100.17.1
2015-02-02 18:33:29.212386500 tcpserver: ok 11591 static.199.121.76.144.clients.your-server.de:::ffff:144.76.121.199:587 :::ffff:134.100.17.1::57359
2015-02-02 18:33:29.213511500 spamdyke[11591]: ERROR(load_resolver_file()@search_fs.c:752): invalid/unparsable nameserver found: 2a01:4f8:0:a111::add:9898
2015-02-02 18:33:29.213579500 spamdyke[11591]: ERROR(load_resolver_file()@search_fs.c:752): invalid/unparsable nameserver found: 2a01:4f8:0:a102::add:9999
2015-02-02 18:33:29.213609500 spamdyke[11591]: ERROR(load_resolver_file()@search_fs.c:752): invalid/unparsable nameserver found: 2a01:4f8:0:a0a1::add:1010
2015-02-02 18:33:59.323577500 tcpserver: end 11591 status 0
2015-02-02 18:33:59.323578500 tcpserver: status: 0/40

I think the problem is that the server will send “250-STARTTLS” and not “250 STARTTLS” (missing hyphen). So the client thinks that the message is not complete and waits for the next line.

Best regards,
Heiko
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
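
An added example, not part of the original thread and not spamdyke's code: a Python check of the SMTP multi-line reply framing behind the hang captured above, usable as a health check on a submission port's EHLO reply. The sample bytes are constructed from the tcpflow output in the thread; `parse_reply` and `ehlo_keywords` are hypothetical names.

```python
import re

# RFC 5321 section 4.2: in a multi-line reply every line but the last is
# "<code>-<text>"; the last line is "<code> <text>" (or the bare code).
REPLY_LINE = re.compile(rb"^(\d{3})(?:([ -])(.*))?$")

def parse_reply(stream: bytes):
    """Parse the first SMTP reply in `stream`.

    Returns (code, texts, complete). complete is False when the bytes end
    while the last line still carries the '-' continuation marker, which
    leaves a client waiting for more until it times out.
    """
    code, texts = None, []
    # Only CRLF-terminated lines count; drop any trailing partial line.
    for raw in stream.split(b"\r\n")[:-1]:
        m = REPLY_LINE.match(raw)
        if m is None:
            raise ValueError(f"not an SMTP reply line: {raw!r}")
        line_code, sep, text = m.groups()
        if code is not None and line_code != code:
            raise ValueError("reply code changed inside one reply")
        code = line_code
        texts.append((text or b"").decode("ascii", "replace"))
        if sep != b"-":          # space or bare code: final line
            return int(code), texts, True
    return (int(code) if code else None), texts, False

def ehlo_keywords(texts):
    """EHLO keywords (first word of each line after the greeting line)."""
    return {t.split()[0].upper() for t in texts[1:] if t.strip()}

# Constructed from the tcpflow capture in the thread (link residue removed).
BROKEN = (b"250-andromeda.bornholdt.it\r\n250-PIPELINING\r\n250-8BITMIME\r\n"
          b"250-AUTH LOGIN PLAIN\r\n250-STARTTLS\r\n")
# Constructed: the same reply with the last line terminated per RFC 5321.
FIXED = BROKEN.replace(b"250-STARTTLS", b"250 STARTTLS")

if __name__ == "__main__":
    for name, data in (("broken", BROKEN), ("fixed", FIXED)):
        code, texts, complete = parse_reply(data)
        status = "complete" if complete else "INCOMPLETE"
        print(name, code, sorted(ehlo_keywords(texts)), status)
```

A client that never sees a completed EHLO reply cannot learn that STARTTLS or AUTH is offered, which is why swaks fell back to HELO and reported that the host did not advertise authentication.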


